idw – Informationsdienst Wissenschaft

Nachrichten, Termine, Experten

Grafik: idw-Logo
Grafik: idw-Logo

idw - Informationsdienst
Wissenschaft

Science Video Project
idw-Abo

idw-News App:

AppStore

Google Play Store



Instance:
Share on: 
09/19/2022 16:16

Lights on or off? Cyber security and resilience of power grids make the difference

Anne Rindt Wissenschaftskommunikation
Fraunhofer-Institut für Kommunikation, Informationsverarbeitung und Ergonomie FKIE

    Large-scale and prolonged power outages, waste piling up as waste disposal ceases to function, disruptions to water or gas supplies – successful cyber attacks on critical infrastructures, especially the power grid, can have serious consequences. Holistically conceived cyber security is necessary to prevent such scenarios. As part of the Fraunhofer Center for Digital Energy, Fraunhofer FKIE is working with partners to increase IT security and make the sector resilient to attacks.

    Despite the high security standards in Europe and especially in Germany, electricity grids are among the most vulnerable of infrastructures – mainly a consequence of increasing digitalisation. For example, the increased use of renewable energy has led to micro-generators, and requires increased electromobility to quickly respond to imbalances in supply and demand, leading to stronger simultaneity effects. Moreover, electricity generation is geographically decoupled from consumption, as energy is generated by wind power in the north, while consumption also takes place in the south.

    High vulnerability

    Although Germany in particular has a very well-developed electricity grid, bottlenecks occur as a consequence because the necessary grid expansion does not take place fast enough. In order to better utilise the power grids and make use of existing reserves, close coordination and digitalisation between operators is necessary. In addition, processes that were previously carried out manually will no longer be possible without IT support in the future. This opens up further possibilities for attackers from cyberspace to attack and disrupt electricity grids.

    High-value targets KRITIS

    In addition, critical infrastructures are high-value targets. It is not without reason that the European NIS-2 directive is intended to expand the regulations with regard to cyber security for KRITIS operators. At the same time, the Federal Office for Information Security (BSI) forsees an increased threat situation as a result of the war in Ukraine. The consequences of a power supply failure can be particularly serious, as other KRITIS areas such as communication, water supply and food production depend on it.
    Holistic security

    The Fraunhofer Institutes FKIE and FIT as well as RWTH Aachen University have therefore joined forces in the Fraunhofer Center for Digital Energy to investigate the challenges of the digitalisation of energy supply in an interdisciplinary manner and to develop customised solutions. The energy engineers and IT specialists work hand in hand to increase security and make the sector more resilient to attacks.

    The focus of the Fraunhofer FKIE is on cyber security. For example, it is developing concrete implementations of various existing approaches, such as analysis using fuzzing, in which software and hardware are deliberately confronted with manipulated inputs in order to provoke errors. Another analysis approach examines device firmware used in energy technology. The technical basis for the analyses is the "Firmware Analysis and Comparison Tool" (FACT) developed by Fraunhofer FKIE, which has already been used in the past to identify significant defects in other classes of devices. This helps device operators to better assess risks and accelerate update processes. Manufacturers are supported by a process to close any vulnerabilities.

    Integration into energy systems is important

    Furthermore, Fraunhofer FKIE is committed to ensuring that cyber security is considered and taken into account from the very beginning when developing new, innovative measures for the power grid. This security-by-design approach was discussed together with the power grid operators within the research project "Innovations in system management until 2030" (InnoSys 2030) and now forms the basis for the secure implementation of the innovative measures.

    Furthermore, the aim is to detect cyber attacks as early as possible. Classic intrusion detection (IDS) or security incident and event management (SIEM) systems are not sufficient in the case of power grids. Rather, they must be integrated into the power engineering processes. Often this represents the last line of defence and can make the difference between the lights staying on or going out.


    Contact for scientific information:

    Prof. Dr. Elmar Padilla

    Head of Department "Cyber Analysis & Defense"
    Fraunhofer FKIE

    Mail: elmar.padilla@fkie.fraunhofer.de


    More information:

    https://www.fkie.fraunhofer.de/en/press-releases/cyber-security-for-kritis.html


    Images

    Lights on or off? Cyber security and resilience of power grids make the difference.
    Lights on or off? Cyber security and resilience of power grids make the difference.

    123RF / Yuliufu


    Criteria of this press release:
    Business and commerce, Journalists, Scientists and scholars
    Economics / business administration, Electrical engineering, Energy, Information technology
    transregional, national
    Research projects, Transfer of Science or Research
    English


     

    Help

    Search / advanced search of the idw archives
    Combination of search terms

    You can combine search terms with and, or and/or not, e.g. Philo not logy.

    Brackets

    You can use brackets to separate combinations from each other, e.g. (Philo not logy) or (Psycho and logy).

    Phrases

    Coherent groups of words will be located as complete phrases if you put them into quotation marks, e.g. “Federal Republic of Germany”.

    Selection criteria

    You can also use the advanced search without entering search terms. It will then follow the criteria you have selected (e.g. country or subject area).

    If you have not selected any criteria in a given category, the entire category will be searched (e.g. all subject areas or all countries).